Search Terms: personal w/5 information w/5 privacy, House or Senate or Joint
Document 113 of 261.
Copyright 2000
Federal News Service,
Inc.
Federal News Service
View Related Topics
May
9, 2000, Tuesday
SECTION:
CAPITOL HILL HEARING
LENGTH:
15636 words
HEADLINE:
HEARING OF THE SOCIAL SECURITY SUBCOMMITTEE OF THE
HOUSE
WAYS AND MEANS COMMITTEE
SUBJECT: MISUSE OF SOCIAL SECURITY NUMBERS
CHAIRED BY: REPRESENTATIVE E. CLAY SHAW JR., (R-FL)
LOCATION: 1100 LONGWORTH
HOUSE
OFFICE BUILDING, WASHINGTON, D.C.
TIME: 10:00 AM. EDT DATE: TUESDAY, MAY 9, 2000
WITNESSES:
JOHN T. STEVENS JR., VICTIM OF SOCIAL SECURITY IDENTITY THEFT;
MARY ELIZABETH STEVENS, VICTIM OF SOCIAL SECURITY IDENTITY THEFT;
JAMES G. HUSE JR., INSPECTOR GENERAL, SOCIAL SECURITY ADMINISTRATION;
BARBARA D. BOVBJERG, ASSOCIATE DIRECTOR, EDUCATION, WORKFORCE AND INCOME SECURITY ISSUES, HEALTH, EDUCATION AND HUMAN SERVICES DIVISION, GENERAL ACCOUNTING OFFICE;
BODY:
REP. E. CLAY SHAW, JR. (R-FL): Good morning. I apologize for being about two minutes late starting this morning. Welcome to the first day of our two-day hearing about a topic that is on many people's minds today, and that is
privacy
and security of their
personal information,
starting with their Social Security number. Just about everyone's privacy and financial security depend upon seeing these numbers used as originally intended; that is to track our earnings so Social Security knows whether we qualify for benefits and what we should get.
But today our interests go well beyond that. Social Security numbers have evolved into every corner of our lives, from qualifying for other government benefits, to collecting child support, to obtaining instant credit. We value these expanded uses when we want to buy and drive home a car on the same day on a Saturday afternoon; yet many people have started to wonder about the proliferating uses of Social Security numbers and the privacy and security implications of all of this. Most telling are the rapidly rising allegations of fraud involving Social Security numbers. That is cause for great alarm. That's why we are holding these extended hearings. We need to carefully consider the causes and consequences of the expanded use and increasing misuse of Social Security numbers. And while we are committed to finding better ways to combat fraud, we need to carefully consider the consequences of any actions on this complicated issue.
With us today are two people who know too much about Social Security number fraud. John T. and Mary Elizabeth Stevens will tell us how their lives were turned upside down by someone who stole their Social Security numbers. They lost their credit rating, were refused loans, incurred large legal bills and spent three years fighting to get their good names back, and their battle still isn't over.
Next, the General Accounting Office will provide an overview of the effect of limiting the use of these numbers for government and private businesses. Then Social Security's inspector general will provide specific recommendations for improving systems designed to protect the privacy and security of Social Security numbers. Later this week we will hear from privacy experts, consumer advocates, and representatives of industries that use Social Security numbers in the course of their business.
We will also consider legislative recommendations of outside groups as well as members of Congress. Clearly, we won't suffer from a lack of ideas to better protect everyone who has a Social Security number. To be sure, better protecting Social Security numbers is only one piece in the puzzle of combating identity theft. And no one proposal will constitute a total solution. But since Social Security numbers often represent the entry point for rip-off artists and identity thieves, there's no better place that we should start.
We will find that each proposal we consider comes with trade- offs, often balancing privacy and security against commerce and efficiency. But just because this is complicated and difficult doesn't mean we shouldn't act. Indeed, we should. In the coming weeks with the support of the administration and our colleagues on this panel, we can approve legislation to better protect Social Security numbers from misuse. In my view, such legislation should increase fines and penalties for identity theft, give the inspector general new powers to catch these, and better protect the privacy and integrity of Social Security numbers.
As I mentioned, that will not solve all problems of identity theft, many of which stretch far beyond our subcommittee's reach. But if we can take some commons-sense and bipartisan steps in the right direction, indeed we should.
I look forward to working with all of our witnesses and all of our members to do the right thing. At this time I represent, I yield to Mr. Matsui for any remarks he might want to make.
REP. ROBERT T. MATSUI (D-CA): Thank you very much, Chairman Shaw. I appreciate the fact that you're holding these hearings. I think they're extremely important. Last year I think my staff advised me that there were 19,000 reported cases, and these were just reported cases of Social Security fraud and abuse, and we suspect there were many more. And with the increased use of the web and the internet, I suspect that unless the Congress gets involved in this issue in a very substantive way, we will probably see more and more fraud and abuse.
Certainly with both the Social Security number and a driver's license, a potential criminal can do almost anything he or she wants in terms of getting private informations from our citizens. And so I look forward to obviously hearing from Colonel Stevens and Mrs. Stevens, and obviously the GAO and inspector general of the Social Security Administration. I want to thank you, Chairman Shaw, for your leadership on this issue, and certainly I look forward to working with you in a bipartisan fashion. Thank you.
REP. SHAW: Thank you. Should any other member have any opening statement to make, we will make that a part of the record. At this time, I'd like to recognize our first panel whom I mentioned in my opening statement. Lieutenant Colonel Stevens and Mrs. Stevens. You may proceed as you wish. We have the text of your full statement, and you may summarize as you see fit.
COL. STEVENS: Yes, sir. I have summarized the full statement, and this is what I will present today. My wife and I are encouraged that this subcommittee is looking into the widespread use and misuse of the Social Security number. We have experienced this misuse now for over three years. We hope that by testifying here today we can alert others of the danger of this crime and the toll it takes on your life to fight it.
This horrible nightmare started in March 1997 with a phone call from Nations Bank demanding payment on a 1997 Jeep Cherokee which of course I don't have. We immediately requested our credit reports from the three major credit reporting agencies. The total damage was 33 fraud accounts with a value of $
113,000.
We wrote letters to the credit reporting agencies listing the fraud accounts and requesting their removal. When this approach failed, we hired an attorney to write to them. This didn't work either.
I then used the Internet to locate the fraud accounts, identify a point of contact, and have our attorney send them a sworn affidavit. We cleared most of the fraud accounts and data in about a year. There were some creditors, however, who refused to accept our affidavits. The nightmare continues.
When some creditors delete an account it is transferred to a third-party collection agency. This returns the account to our credit report under their name and with the same account number. So far, we have had to deal with over 14 third part collection agencies. They are nasty people to deal with. When we refused to pay even a reduced amount to close the account, it is transferred to another collection agency. My wife has had one account recycled six times to different collection agencies, and I have had one recycled four times within the same collection agency.
They are all from accounts that have been previously cleared. We have received some copies of the applications that opened these accounts. Usually only first and last name is listed. Sometimes a wrong middle initial is given. Various spellings of our last name, different places of employment, birthdays, home addresses and all are listed. Usually the only correct item is the Social Security number. The creditor approves these applications after the information is verified by the credit reporting agency.
Only when we have lived in Maryland for over 35 years, knew the creditor and other credit reporting agency questioned home address in Texas, the opening of numerous accounts in different states or any other significant changes to our personal data.
My wife currently has a default judgment against her in Texas. This is for furniture bought and delivered to an address there. It was repossessed from the same address when the loan defaulted. The furniture company obtained a default judgment against the name listed on the application that is not my wife's name. The credit reporting agency then listed it in my wife's credit report. Our attorney wrote to the judge and to the furniture company to have the judgement vacated. The furniture company stated in a letter back to him that they had used the items in the application to check her credit file for the credit bureau of North Texas. It was approved even though the Social Security number was the only correct item in the application. The judge never responded.
The Social Security number is the primary and sometimes the only means of identification required to open an account. Any variation of a name, address and place of employment, age or spouse name is acceptable. When the account goes bad, the correct address is located and the harassment begins. When you challenge a fraud account, a 30- day investigation is initiated. This investigation is usually a farce. The usual finding is, the information being reported is correct.
As long as that continues to be a lack of responsibility and accountability by the creditors and the credit reporting agencies and the Social Security number is considered a national personal identification number or PIN, we will have a problem of identity theft.
Our Social Security numbers are available on the network of DOD computers and through DEERS. We have to put our Social Security number, home address, telephone number and rank on a check to pay for purchases in the base exchange or the commissary on any military base. The Andrews Federal Credit Union uses the Social Security number for an account number. The last four digits in your Social Security number must be provided to have clothes cleaned or altered at Andrews Air Force Base.
Civilian medical facilities which we are now forced to use demand our Social Security number and our driver's license number. Merchants ask for a Social Security number and a driver's license number to write on your check or a charge slip. Our greatest vulnerability for fraud, however, is on a military base where the Social Security number is openly used and not fully protected from unauthorized disclosure.
I believe that the creditors who accept fraudulent information from an imposter and the credit reporting agencies that ignore these obvious changes should be held equally responsible for the mental, physical and monetary damage caused by their negligence. They are just as guilty of fraud as the imposter who opens the account. We do not want to spend the rest of our lives correcting the fraud accounts and false data that so easily becomes a part of our credit report. We are prevented from buying a home, establishing a credit account, making purchases and leading a normal life.
We are tired of the harassing phone calls and the threatening letters. I am now 72 years old, and my wife is three years younger than me. We have been married for over 45 years. We hope someday soon that we can get our lives back and begin to enjoy our retirement in the time we have left to be together in this world. We do not consider ourselves victims. It doesn't fit. I prefer the designation "targets." A target can take evasive action, activate countermeasures and fight back.
Our warrior instinct drives us to keep going until we win this battle. We intend to fight this crime with every resource we can muster. We have been assisted by many people, and we wish to express our thanks for their help and encouragement.
I would also like to thank this subcommittee for recognizing that there is a very severe identity theft problem in this country caused by the free access and widespread use of the Social Security number as a primary and sometimes the only means used to identify a person. I hope that with your continued concern and support this national problem will be contained and solved. My wife and thank all of you.
REP. SHAW: Ms. Stevens, do you have a statement?
MS. STEVENS: I just want to say that we really do appreciate being able to share. I guess I would call it Stevens Soap Opera at this point. It's not a very pleasant one, but we would like to see that others, as many as we can prevent, going through this kind of nightmare and working together and with your help, and we do appreciate you going into this. I think we can ace it, but it's really been an interesting experience and one we could have done without.
May I just leave you with a quick quotation here? There's a saying, a diamond is not polished without friction nor man without adversity. And my husband seems to think and I do too that we've had enough polishing. But I guess it's going to go on for awhile longer until we do solve it. But thank you so much, Mr. Chairman, all of you, for your help.
REP. SHAW: Thank you. Thank you both. Mr. Johnson.
REP. SAM JOHNSON (R-TX): Thank you, Mr. Chairman. It's a pleasure to have you all with us. Do you feel like there's any connection between military and your problems-- you know, the Social Security number in particular?
COL. STEVENS: All I know is that when my wife first had to put her Social Security number on our own dependent's ID card the fraud seemed to increase. It seemed to start at that point. We have no proof that that was what did it, but it's just the circumstance. Also, our Social Security numbers are listed in all the DOD computers which you can access at any pace, anywhere that they are located. And we also used to come under the medical facility, theirs, until they kicked us out. And our numbers were available then too.
REP. JOHNSON: Well, but those numbers are the military identification number as well, so what do you want them to do? You were probably in the service the same time I was when we had different numbers, and they went to the Social Security number because it was easier to collate, and but it's listed on your ID card just as a number. It doesn't say it's a Social Security number.
COL. STEVENS: Oh, it's so easily identifiable. It's only a nine-digit number, and it's on everything we have to do. You can't even get clothes dry-cleaned without leaving your last four. And whenever you make a purchase and use a check you have to put all that information on there. Now they may protect it themselves, say in the base exchange system, but it has to go through a lot of people before it gets back to you as a cancelled check. And anyone along the way can pick off this information and use it as we suspect has probably happened.
REP. JOHNSON: Well, my experience has been that you don't have to put that number on a check.
COL. STEVENS: No, sir. We just gave a list, someone a thing that was in the Air Force Times that said that it must be on your check and that it is covered, it is the law that requires that.
REP. JOHNSON: You mean when you're -- wait a minute. I don't think there's any law that requires that.
COL. STEVENS: Oh, on a military base to use any of their facilities like a base exchange or a commissary you have to put your Social Security number, home address, phone number, rank and every, all the other information on your check before they'll cash it.
REP. JOHNSON: Well, it's called a military ID number too. And I understand what you're saying, but I don't think there's any federal law that requires that.
COL. STEVENS: This article in the Air Force Times--
REP. JOHNSON: It's probably in the military regulation is what it is, and they've done that to protect themselves at those stores. Do you, can you tell me if you believe that there's any other reason other than Social Security number that your credit people got involved with it in?
COL. STEVENS: If you look at some of the applications, sir, you'll see that the only correct item on many of them was the Social Security number, and different addresses, different spellings of our first and last name, different places of employment. In other words, it was so obvious it wasn't us that we wonder why it got through the credit reporting agency. But the Social Security number has been the consistent piece of identification that has been used to identify us in all the fraud accounts.
REP. JOHNSON: And the credit company though, when you asked them for your credit rating and listing, they are supposed to give you that information. Do they do that?
COL. STEVENS: Oh, yes. They will give it to you. In fact, in Maryland thank goodness you can get them free. But in other states they charge you. But if you've been denied credit or have a problem you can request them, and they'll send you one free.
REP. JOHNSON: Well, they're supposed to give you one free in any state. They do in Texas, because I've done it.
COL. STEVENS: That wasn't my understanding, sir, but it's only Maryland and several other states that they don't charge you $
5 or $
7 for them.
REP. JOHNSON: Well, when you pursue it do they then clear your records? Because my experience has been that they clear your records, and your testimony indicates they didn't on your--
COL. STEVENS: Absolutely not. We would submit letters-- I wrote stacks of letters to them listing all the fraud accounts, and some of them would be cleared, but the majority of them they would have to go through a 30-day investigation period which is I believe all they do is they go back to the person who opened the account in the first place, the creditor, and say, is this information correct? And of course it comes back, it is, and we'd get a reply that the information is correct as listed.
REP. JOHNSON: Let me ask you one final question.
COL. STEVENS: We finally gave up on that approach.
REP. JOHNSON: I'm about to run out of time, but let me ask you one more if I may, and that is do you feel like that we should investigate the military process of requiring a Social Security number on all their documents?
COL. STEVENS: I don't know whether "investigate" is the correct term, sir, but the fact that it's required and everyone wants it is what makes us very vulnerable-- the fact that the Social Security number can be used in other aspects such as opening accounts rather than identifying you as a legitimate military person.
REP. JOHNSON: Thank you so much.
COL. STEVENS: We need-- oh, I had a five-digit serial number before as a regular officer, and that was much more convenient.
REP. JOHNSON: Yeah. I did too. Thank you for your testimony.
REP. SHAW: When they say they want your name, rank and serial number that means name, rank and Social Security number?
COL. STEVENS: Yeah. I guess that's what the enemy asks you for now.
MS. STEVENS: Oh, dear.
REP. SHAW: Mr. Matsui.
REP. MATSUI: Thank you, Mr. Chairman. Thank you for your testimony, Colonel Stevens, Mrs. Stevens. Do you know whether there was more than one person involved in this $
113,000 consumer fraud?
COL. STEVENS: It's fairly widespread. It could be more than one person. It seems to be consistently located around Sheppard Air Force Base at Wichita Falls, Texas. And we really don't have any proof other than that just looking at the applications that come back and the various information that shows up on our credit reports.
REP. MATSUI: You know, it's somewhat frightening what you've testified to because-- I mean, apparently this person purchased a 1997 Jeep Cherokee; is that right?
COL. STEVENS: Yes, sir.
REP. MATSUI: And using your-- now, did you know whether he had any other, that-- whomever that person was, had any other credit information on you or was it basically-- the used the Social Security number to get other information, and then they basically identified themselves as you? Is that--
COL. STEVENS: The other information would generally be that that was available through the fact that I'm retired military. But I can't, I have no proof of that.
REP. MATSUI: Have they apprehended this individual or --
COL. STEVENS: The applications are there. If the people who granted them the credit wanted it they could go after the people listed in the application, but they don't do that. They come after us.
REP. MATSUI: Now-- but, now obviously you've been to the law enforcement agencies, and have they-- and I'm assuming they have opened a file. And are they, have they captured the, or at least identified the individual who has been using your good name?
COL. STEVENS: Well, let me give you an example, sir. In the account that was opened up in Nations Bank in Wichita Falls, we got a call from the person who opened the account, the loan officer, and she said that she had talked to John and Mary Stevens. They had come in, and she had met them personally while they were opening the account. And she called to apologize to us for the problems. But I asked her what the age of these people were, and she said, well, they're in their late to late 30s. And then I pointed out to her-- I said that if you, it was so obvious that-- well, it wasn't obvious to her. I understand that. But what it amounted to is that our Social Security number was issued before they were born. And a simple check like that would have eliminated quite a lot of problems in our case.
REP. MATSUI: But they didn't-- to your knowledge, and again I wouldn't expect you to have this information but I mean I would imagine you've done some research on this, or maybe not, but there wouldn't be any reason for you to have done any research on it-- but you don't know how this person actually made the transaction and what information the individual that was using your name used in order to-- I mean, drive out with a $
30,000 automobile, or $
20,000.
COL. STEVENS: We don't know where they got it if I'm hearing them correctly, sir. All we know is that they had first and last name, Social Security number, and the same case as my wife they just used generally her first and last name plus her Social Security number.
REP. MATSUI: Now, and you have no knowledge at this time about whether the individual that has used your name has been apprehended or identified?
COL. STEVENS: I don't know that they've been apprehended. However, they could have been. They seem to me that the person who opened the account has enough information to go and get them. You see, we aren't considered the person who is experiencing the loss. The, to make --
REP. MATSUI: The bank is, I guess, huh?
COL. STEVENS: The banks are the ones that make the loss, and they are the ones that really can bring the charges. Up until recently there wasn't a law against this, and especially we live in Maryland, and they were in Texas.
REP. MATSUI: Now, if I can ask you this question? Have finally the credit collection agencies stopped, and has your record been --
COL. STEVENS: Not at all. I just, I got a recent report where they recycled another account back in for the fourth time, even though I had a, I have a letter clearing me of that account from that same third-party collection agency. This is on an account that had been previously cleared back in 1997 with affidavits. And they just keep recycling these things. My wife has one on a $
2,000 diamond that she can tell you about.
MS. STEVENS: As of 10 April this seems to come around about every four to six months, and I explained I'm not the individual. Well, give us your last four. We'll determine if you are the individual. And I will say, by what authority or what law? Because all through the past time up until the law has been passed-- now the federal law which thank goodness-- but I would get no help from them. They'd say, all right, we'll delete it. Finally, you know-- first though, before they would say they would agree to delete it they would let it rest for a little while and maybe in about two or three weeks or a month I would get a letter, "If you will pay this amount, say, maybe $
800 and something, we will clear this for you." And of course I wouldn't pay them a dime. So we'd start around again. Delete it.
They'd give it to the credit bureaus, it's deleted, and then later on it comes around again.
I have in my briefcase three sets right now. There are more. I travel with about ten boxes in my little station wagon up and down the coastline here visiting grandchildren, but I'm always prepared to explain this, this issue. But it's really devastating because there seems to be no end to the, the recycling of the third parties. And it seems to be a new approach I've just remembered here. In the past month my husband, and maybe I should let you tell this one, he's had two calls come in. The phone will ring and it's an 800 number that we're to call back on a business call. And you want to explain?
COL. STEVENS: Well, you call back on the 800 number, and then they tell you about this account that you owe on, and you can arrange to make arrangements to pay it. So it just continues. It's a never- ending story. I think I explained it in my long write-up it's like you blow out this trick candle and it keeps re-lighting itself.
REP. SHAW: Well, thank you for sharing your very sad story with us, and we appreciate it very much. Thanks.
Mr. Portman?
REP. ROB PORTMAN (R-OH): Thank you, Mr. Chairman. And Colonel and Mrs. Stevens thank you for being willing to stand up for the rights of others, and as Mrs. Stevens said, you're here in part to tell us your story, but what you're doing is helping others avoid what you went through. When I look at your testimony and hear what you had to had say today, you spent the last three years kind of living in a horror story.
MS. STEVENS: Absolutely. Absolutely.
REP. PORTMAN: And I'm sorry for that. I wish that we had the power to wave a magic wand and make your problems go away and to be able to keep others from having to go through that because I know how frustrating it is. I have not been through what you've been through, but all of us have been through some of these issues with credit card companies and collection agencies and so on and with misinformation. And it's just so frustrating to get through the bureaucracy.
I'm concerned because my wife was born in Wichita Falls, Texas at an Air Force base, and maybe I'll get linked back to that same source of your problem. Is it Sheppard's Air Force Base?
MS. STEVENS: Yes. Sheppard is in Wichita.
COL. STEVENS: Sheppard Air Force Base. I think is, seems to center around that area.
REP. PORTMAN: Let ask you a couple questions if I could. You talked about what creditor reporting agencies could do better and what creditors could do better, and I can't believe they didn't have the spelling of your names weren't even correct. You said the spellings of your last name were not correct, and yet based on the Social Security number they went ahead and processed things and didn't even look at the application.
COL. STEVENS: That's correct.
REP. PORTMAN: And that clearly is a major problem. I don't know enough about the rules and regulations there. I know this committee doesn't have jurisdiction over all that, but it seems to me that's one area we could do more. Do you agree with that? I mean, shouldn't the reporting agencies at the least be responsible for looking at the application and have some liability if they go ahead and process something where the names aren't spelled right?
COL. STEVENS: Absolutely. The things are so obvious that it's a wonder that they don't do it. One of the things that I run into is that one of the representatives of the credit reporting agency said that they couldn't be concerned with changes of address because at least 15 percent of the people move every year, and they would be inconvenienced by applying.
Well, my answer to that was that that means 85 percent of the people do not move. Therefore, why are you subjecting them to all this harassment based on trying to not inconvenience them?
REP. PORTMAN: Yeah. And what did they say with regard to not looking at the spelling of the name?
COL. STEVENS: They really had no answer.
REP. PORTMAN: People don't change their names.
COL. STEVENS: We have to-- that's one of the things we have to continuously do when we get our credit reports-- go in and correct the misinformation that that even keeps recycling into it. The wrong addresses, the wrong employment, spelling of the name. And what infuriates my wife is they just use our first name because that is now her fraud name. She likes to go by both of them. And they'll come in and list my spouse's name as "Mary." Of course I have to sit there and listen to the explosion.
MS. STEVENS: May I add this quickly on this line of thought? I was just remembering, with the Social Security number the first time frame my husband did the letter writing, and I was the speaker of the house, so to speak, for the phone. I stayed on the phone for about three months every day giving my Social Security number to total strangers. But in that process he was away, and I found that I could cross reference numbers and figure out the accounts. Well, they would send in a new report, and they commingled our Social Security number at one point. In other words, they had part of my number and part of his number and then another report came in from one of the bureaus and he had a totally brand new number. It was zero, zero, zero, zero, zero-- a string of zeros-- and then a one. And I couldn't figure that one out. But of course the credit bureaus had no answer-- well, it was just a mistake.
But I think the one that really got to me was, I read a report and at the very end it says, according to Social Security this individual has been deceased for 22 years.
And they're addressing this letter to me.
REP. PORTMAN: That makes you feel kind of bad, doesn't it?
MS. STEVENS: Well, my husband said he knew something was wrong.
(Laughter.)
REP. PORTMAN: Let me ask you one more question if I might. Time is running out. We do have jurisdiction over the Social Security Administration. That's something this subcommittee takes very seriously, do a lot of oversight. Have you contacted SSA, and have they been helpful to you? Have you sought a new Social Security number, for instance, and have they responded to that? What could the Social Security Administration do to help in these kind of problems?
COL. STEVENS: We have not contacted them about getting a new Social Security number I don't think would be a good idea since it is my retired Air Force service number. And it would really --
REP. PORTMAN: It could lead to other problems.
COL. STEVENS: It would really complicate things to change that because the VA would have to come into it and everything else. The only thing that I haven't run into is that they don't seem to be using my Social Security number for employment because I've received no information that additional contributions have been made as far as --
REP. PORTMAN: That's where you want it to be used.
COL. STEVENS: That would help-- help offset some of the expenses we've gone through.
REP. SHAW: Mr. Weller?
REP. JERRY WELLER (R- IL): Thank you, Mr. Chairman, and this is a very interesting hearing. I very much want to thank Colonel and Mrs. Stevens for stepping forward, being part of this. It's reading your testimony and listening to your testimony today it's frightening what could happen to individuals.
The Congress, we have some issues before us that we're very concerned for personal security, and here's a case where your personal security was violated. I remember when I was in college we often joked that the only number we needed to remember was our Social Security number, and people used to put it on the back of their T- shirts and jerseys as a joke because that was their number that identified us everywhere we went and filled it in.
And here's a case where someone took yours.
Also, as we also in this Congress we're looking at with the advent of technology, particularly information technology on the internet, how we can protect the privacy of individuals. And of course in this case your privacy was violated as well as your personal security, when someone absconded with your Social Security number.
Let me ask from your standpoint when you discovered that someone was using your Social Security number, did you contact law enforcement?
COL. STEVENS: No, sir, because at that time it wasn't against the law. Again, we are not considered the persons who are victims, so to speak. It's the credit card company or the bank, so making a police report was, we didn't even try.
REP. WELLER: So you did not even contact law enforcement in any way?
COL. STEVENS: No, because like I say we are not considered the ones that the-- in other words, there's no law against it.
MS. STEVENS: May I add, the attorney was not even aware there was no federal law. We didn't, we weren't aware either. This began March 27, 1997. And up until just recently with the new law which I say is very --
REP. WELLER: Over what period of time did it take between when you discovered someone was using your Social Security number before everything was cleared up and cleaned up? The mess that was created, has it impacted you personally?
COL. STEVENS: Well, this candle keeps re-lighting itself. We actually cleared our records within a year. But then they started recycling on the third party collection agencies. The fraud data kept recycling back in, and we'd fight to clear that and then it would lie dormant for maybe three to six months and then it would show up again. And like I say, we've had some that have been recycled six times. Others, one in my case, one collection agency has recycled the same account within their own organization four times for an account that was cleared.
MS. STEVENS: They don't know what it is.
REP. WELLER: What do you-- Colonel and Ms. Stevens, what do you feel was the biggest obstacle when you tried to resolve this issue? What was the biggest obstacle you faced as an individual?
COL. STEVENS: Getting people to believe you, that you are not the one that opened the account. We have been yelled at and screamed at, cursed at, everything else, by, especially by collection agencies. There was one I mentioned that was very, very nasty to us. But you can't-- they don't believe that. You know, you have to prove a negative. You have to prove that I am not the person that opened that account. And we finally wised up on that one. We go after the creditor and say, prove to us that we are the ones that opened that account. Send a copy of the application. Send us a delivery slip. Send us a charge card slip. And a lot of them are reluctant to do that, but that's the approach that we have now taken.
REP. WELLER: When you were looking for help in solving this, what was your best source of assistance? Who did you turn to that you found that was actually helpful in solving your problem?
COL. STEVENS: There were several people. Beth Giddings (sp), privacy rights, Ed Rizinski (sp).
MS. STEVENS: Mainly I found one of our children found an address, Privacy Rights Clearing House. Beth Giddings is director. I contacted her. I guess it's been over a year ago, and that's how we became involved with this. And then through her USPIRG (sp) and Mary Perg. I was not aware of Mary Perg at the time. And then through them we met Lori Frank (sp) and her material we're using. And she had suffered the same kind of crime as an attorney.
COL. STEVENS: In the Federal Trade Commission there was Cynthia Lamb who was most helpful.
REP. WELLER: They can all serve as resources as we look for ways to help prevent this from happening. Let me, I see my time is running out. If there was one suggestion that you could make as individuals that have suffered the consequences of identity theft through someone else using your Social Security number, what suggestion would you have for the Congress in how we could prevent this from happening to someone else?
COL. STEVENS: The fact that the Social Security number is used as the primary means of identification, that importance should be somehow diluted. And then people should not give this information out. What the problem stems from is the fact that everyone accepts this one little nine-digit number as you, no matter who is bearing it or who is handing it out. That number is you. Nothing else matters. So if you could degrade the importance of that as an identification-- my original Social Security card had on the front of it, "not to be used for identification." And of course they don't put that on there anymore. But if you could reduce the importance of it, have some other means, that would help.
Thank you, sir.
REP. SHAW: Colonel Stevens, I want to go back to some of the questioning for just a moment and I'll recognize Mr. Tanner-- that the colloquy you had back and forth with Mr. Johnson regarding the commissary and how they require that, and thinking this was some type of a federal regulation. As I understand most if not all of these commissaries are privately owned or privately run under contract with the government. Now if I go into Safeway up here or Win-Dixie back home and then the checkout line I want to give them a check, they don't require my Social Security number.
So why should a commissary which actually has a more select clientele than any of the stores on the outside have in which you probably had to show an ID just to get in the door, why should they require your Social Security number for you to give them a check?
I think we'd better look into what the contracts are with these commissaries because to me I would doubt that that is a military regulation. I'm pretty sure it's not statutory. But in any event, it's something that the Congress should really look into. Ms. Stevens, you have a comment on that?
MS. STEVENS: Thank you, Mr. Chairman. Just last night I found-- I discovered this just last night. It's Social Security Number Still A Must When You Write Checks. It's out of Air Force Times May 15, 2000. I made a batch of copies last night of this because I was looking for some copies I have of December 17, 1999, Capital Flier, newspaper from Andrews Air Force Base. I happened to pick up a copy that particular afternoon. It comes out on Friday. And their story was there that a military fraud ring had been discovered in Trenton, New Jersey. Now I did not get that copies together, but I can secure that documentation for you.
Now my husband can explain that better than I.
COL. STEVENS: What happened is that when the major promotion list was approved by Congress that listed all the ones that were promoted with their Social Security number in the Congressional Record. And a ring around McGuire Air Force Base used that to open fraud accounts.
REP. SHAW: Interestingly enough I think many members of Congress don't realize on our congressional ID card is our Social Security number, just as it is on your identification card.
MS. STEVENS: Oh.
COL. STEVENS: Well, it's a national PIN.
REP. SHAW: Yeah. I'm going to-- I have a copy of the article you referred to, and while Mr. Tanner is questioning and inquiring I will read through it and see if I can see exactly what it is.
REP. JOHN TANNER (D- TN): Thank you, Mr. Chairman. I too am impressed by your statement and the severity of what can happen to innocent people who have their identity stolen in the way that has happened to you all. Is it still ongoing?
MS. STEVENS: Yes.
REP. TANNER: With the use of your number, are other accounts and charges being placed?
COL. STEVENS: We have not seen any new accounts. However, our latest credit report listed one in my wife and one for me in each of our credit reports an inquiry that was made, one to buy a car and one for I don't know what, but it was to establish credit. And that someone had applied and was getting information obviously to open an account. We immediately wrote letters to both of these organizations and told them that we had not made any application whatsoever. And so that's why I say it's probably still more attempts to continue opening these accounts, but the primary thing that we are concerned with now is the recycling of the ones that we have closed and cleared.
REP. TANNER: Which brings me to the question I really want to know. I was reading through your statement, and your attorney has notified these people that you are not the ones who opened those accounts. Now, has he advised you that it seems to me after one is notified that this account is a fraud, it's not yours, you don't owe it, properly notified if they continue to recycle it looks to me like there might be a legal remedy called "defamation of character lawsuit" or something against these credit card companies that refuse to accept and acknowledge the fact that it's not your account, not your-- but yet keep recycling it on. You said I think described it as a candle that keeps re-igniting itself.
Could you enlighten me on where you are there? I don't know that that's a possibility, but your attorney I'm sure would.
COL. STEVENS: We haven't explored that possibility. Our main focus was to just get our lives back and get rid of these things that were--
REP. TANNER: Well, I mean, I don't mean to suggest, but I just say that once I know that something's false and I continue to publish it, then it seems to me I have some responsibility there. And you spent, I think, in your statement over $
6,000 just on telephone calls and letters. Somebody owes you for that if they continue it seems to me to publish untrue, and they know it's untrue, allegations with respect to your credit and your account, your payment performance. So I hope you'll explore that with your attorney because oftentimes market forces have a much, may I say, dramatic effect in commerce than anything we might do here immediately. And so I hope you'll explore that. It may be something that, particularly when they know and continue to republish what they know to be false information is not in my judgment something that the law will tolerate, civil law.
COL. STEVENS: I agree, sir. And we'd like to pursue that. Our main focus has been not to recoup as much as to clear. And--
REP. TANNER: But if it's ongoing, how does one ever--
COL. STEVENS: It keeps going, right.
REP. TANNER: Yeah. You want relief.
COL. STEVENS: Well, it has kept us from moving. In other words, when I retired I intended to move back to South Carolina because my 96-year-old mother is there and a lot of my grandchildren. And we couldn't qualify for a loan. You know, we get the high interest rates, yeah, risky interest because you got all these things on your record. But this has delayed us in doing that, and that's why our main focus so far has been to clear it to the point where we could really retire and start to do some of the things we've been putting off for so many years.
MS. STEVENS: I think your idea of going this route of getting help, the situation has been that not too many know how to go about this crime-- as we're learning more about it, the legal profession I think is coming forward. I was reading the material from Lori Frank who's an attorney that was a victim. She suggested that individuals keep perfect documentation so if it comes to a point that one can go into the legal aspect of trying to correct all this we would have something to go on. And I think that's possibly the avenue we're going to have to go, which will be burdensome but it will clear it up.
REP. TANNER: Of course, libel and slander laws have been around for along time. And this seems to me to be something that would be libelous to publish known false information about one's credit. So I hope you'll pursue that. I'd like to know how you -- I want to thank you for being here. This has been enlightening. Thank you very much. Thank you, Mr. Chairman.
REP. SHAW: Thank you, John. I've looked at this article, and we're running it down-- particularly the paragraph that says-- this is the article that Ms. Stevens you referred to-- it says, "Store officials said their Social Security number requirement is found in law." I think that's a misstatement, and prior to the end of this hearing today we will have the answer to that. If it is in law, it will be, Mr. Johnson and I intend to try to take it out of law. But in any event, there has to be some clarification. I just can't conceive of that particular requirement.
But we'll have the answer, and we'll take the corrective action if corrective action is necessary. Mr. McCrery?
REP. HIM MCCRERY (R- LA): Mr. Chairman, I don't have any further questions, but I appreciate the Stevens coming forward today and sharing with us your story which really brings to light some of the problems that undoubtedly many people across our nation are having because of the widespread use these days of the Social Security number. So thank you very much.
REP. SHAW: Mr. Collins.
REP. MAC COLLINS (R-GA): Thank you, Mr. Chairman.
I don't know about South Carolina, but in Georgia, and Mr. Portman and I were discussing Ohio, it's an option in each of our states as to whether or not you use your Social Security number for your driver's license number because when we go into a store in Georgia the driver's license is what they ask for to verify the photo and that you are who you say you are. And then they write down the driver's license number. So some states do have that option, but evidently according to this article South Carolina doesn't. So I encourage you to move to Georgia. It's not far from Columbia.
COL. STEVENS: My daughter lives there.
MS. STEVENS: We have grandchildren there. Great state.
REP. COLLINS: Move to Augusta and play the Augusta national and commute back up there to Columbia to see your mother. Thank you very much for being here.
MS. STEVENS: Thank you.
REP. SHAW: I'm looking at my Social Security card which was issued many years ago, and in fact I've still got the original one. You can see it. I was just advised I shouldn't be carrying it. And I'm looking at one of our younger staffers' card, and his does not say anything about identification. But mine says, "For Social Security purpose, not for identification." Now why that was taken off of the card I don't have any idea. But I think we ought to look into that too because I think that should probably be reinstated on the card itself.
I too want to thank you all for being here and being part of this hearing. It's quite important to us that you would share your really bizarre tragedy with us, and we certainly hope that you can work out of it. I see that C-Span is carrying this hearing, so if you might want to get a copy of it so the next time you have a creditor that gives you problems you can send them a tape of your appearance here before this committee. You've done a real service, and I can tell you that the idea that concerns me greatly that name, rank and serial number has now been changed to name, rank and Social Security number-- that is not a good thing, and we need really to take a close look at that because the fact that you have one number that your Social Security number you've got to constantly get as your employment identification is a real problem. And I can certainly recognize that. We'll be looking further into that. Thank you both.
MS. STEVENS: Thank you, Mr. Chairman. Thank you very much.
REP. SHAW: Okay. The next witness we have from the United States Accounting Office, Barbara Bovbjerg, the associate director at Education, Workforce and Income Security Issues, the Health, Education and Human Services Division. Welcome back to this committee, and we look forward to your testimony which we have placed the full amount of testimony into the record, and you may summarize it as you see fit.
MS. BOVBJERG: Mr. Chairman, members of the subcommittee, I'm pleased to be here today to discuss the uses of the Social Security number. Almost 277 million Americans have been assigned an SSN, and because each is unique to the individual the SSN is frequently used for a variety of purposes. Privacy concerns, coupled with mounting instances of identity theft, have raised public sensitivity to this issue. I'd like to focus my remarks on three aspects of this topic-- federal laws directing SSN use, the purposes for which the SSN is used, and finally the possible impact of restricting its use.
My testimony is based on a report we prepared for this subcommittee in 1998. First, laws directing use. No single federal law regulate the overall use of the SSN, but several require its use to help enforce the law, determine benefit eligibility, or both. For example, the Internal Revenue Code requires that the SSN serve as the taxpayer identification number. This means that taxpayers must report their SSNs when they pay taxes, and their SSNs must also be known to their employers and financial institutions from whom they receive income.
Federal law also requires individuals to provide their SSN when they apply for means tested benefits such as Medicaid or food stamps. The numbers are used not only for record-keeping but also to verify income that individuals report. States are also required to use SSNs in their child support enforcement programs and on a variety of documents such as marriage licenses and death certificates.
Federal law generally does not restrict SSN use except in a few instances. The Privacy Act of 1974 restricts federal agencies in collecting and disclosing personal information including SSNs without the individual's consent. The Driver's Protection Policy Act, a more recent law, restricts state governments from disseminating the SSN with driver's license databases.
I'd like to turn now to how the SSNs are actually used. In our work we focused on those users who reached the largest number of people-- state governments and for the private sector businesses that offer health services, financial services or personal information.
State officials say they use SSNs in both administering programs and enforcing the law. For example, state tax administrators routinely use the SSN as a primary identifier in their state tax systems and to cross-check taxpayer income. State driver licensing agencies most typically use SSNs to check an individual's driving record in other states. Law enforcement agencies use SSNs to check criminal records.
In the private sector, the healthcare industry generally uses SSNs as backup identifiers. Other numbers serve as primary identifiers for patient/medical records. But SSNs are needed to trace patients' medical care across providers or to integrate patient records when providers merge.
Credit bureaus also use SSNs. Such organization build databases of consumer payments and credit transactions. Credit bureaus use the SSN as a principal identifier for retrieving credit histories on demand. Most customers-- insurance companies, collection agencies, credit grantors-- provide an SSN when requesting a credit history and can deny credit to individuals who refuse to provide them.
In contrast to these administrative uses, businesses that sell personal information collect SSNs for the sole purpose of selling them in a linkage with other information. Generally, these databases use SSNs to facilitate record searches when they are sold to customers like lawyers, debt collectors, employers or anyone who might want to carry out some form of background check on an individual.
Finally, I'd like to summarize the possible effects of restricting use of the SSN. Users told us that without the SSN as the unique identifier data exchanges would be at risk. Tax enforcement would be hampered by not being able to verify income reported. States could not readily identify drivers concealing out-of-state traffic violations. Consumer credit histories could not be quickly updated and accurately retrieved.
Some users have voluntarily taken measures to restrict the disclosure of some personal information, including SSNs. Many of the businesses in the personal information industry have signed an agreement restricting SSN disclosure to only a limited range of customers such as law enforcement agencies.
In conclusion, the wide use of the SSN is permissible, but its presence in databases creates privacy concerns and fosters a growing problem of identity theft. Restricting the use of SSNs in law could reduce dissemination of personal information but could also restrict commercial and public sector activities. Such effects could be only temporary however until users devise a new means of identifying personal records.
In an increasingly electronic world, protecting privacy will continue to be a public policy challenge. That concludes my statement, Mr. Chairman. I'd be happy to answer any questions you may have.
REP. SHAW: Mr. Johnson. Mr. Tanner?
REP. TANNER: Thank you very much, Mr. Chairman. Thank you for being here. We just ironically or interestingly enough got a call last week from a constituent in Tennessee whose home had been broken into, lock-box violated, and stolen from that were the birth certificates and Social Security numbers of herself and her children. My question is, what should she do to alert whomever to the possible misuse of the Social Security number and the birth certificate?
MS. BOVBJERG: With the cautionary note that I am not a law enforcement officer, I would tell her to contact legal authorities.
I think that one of the things I was thinking when I was listening to the Stevens family's very troubling story is that in work we did a couple of years ago for this subcommittee on identity theft, we were struck that no single federal agency has law enforcement power in this area. It is difficult partly for this reason to get a sense of frequency and magnitude of identity theft crimes. It's difficult to know how much money is involved, what the costs are. And I think it becomes difficult to know who exactly to talk to when something like this happens.
The Federal Trade Commission has been given more authority to provide public information, to work with the personal information industry on this voluntary disclosure agreement. But they are certainly not the only enforcement authority. And I believe they have to contact appropriate enforcement officials to actually find a person and carry out penalties.
REP. TANNER: Is your answer the Federal Trade Commission then?
MS. BOVBJERG: Pardon me?
REP. TANNER: Is your answer the Federal Trade Commission at the moment? Would that be a good place to start?
MS. BOVBJERG: That would be a good place to start.
REP. TANNER: In your analysis of this, do you think that-- I picked up you said there is no single agency where identity theft crimes are housed may I say. Do you have a suggestion for the Congress on how we should address this area and if there's any legislation you think appropriate?
MS. BOVBJERG: I don't have a suggestion for you. I'm sorry. I think that it's such an emerging area that all federal agencies are struggling with this. You will hear from the Social Security inspector general later some of the things that they are doing to deal with identity theft. But much of what SSA does will focus on the issuance of cards in making sure that only the appropriate people are receiving Social Security numbers. They can't always make changes on the back end. They can't always go after people once they've stolen somebody's number.
I really think that it's something that needs more federal attention, more policy attention, and then it's worth considering how best the federal government can respond to it.
REP. TANNER: Thank you, Mr. Chairman. I really appreciate you having this hearing. This is more potentially disastrous and widespread than many people have thought about. And I want to commend you very much for having this. It's something that I think we've got some room to do some really good work on. Thank you.
MS. BOVBJERG: I think you're right, John, and I think what we're seeing is just a new and growing theft industry that we've really got to nip into the bud. Mr. Portman?
REP. PORTMAN: Thank you, Mr. Chairman. A couple things. First, I appreciate your testimony and follow-on the comment of my colleague from Tennessee. I really appreciate, Mr. Chairman, your having the hearing and taking some time on this, and your personal commitment to it. I understand you walked into a video store somewhere down in Florida and they asked for your Social Security number and you walked out without the video.
That's a frustration. I have a couple things I'd like to raise-- first, with regard to driver's license issue, I notice on page 7 of your testimony that you talk about how since 1998 Ohio no longer prints the Social Security number along state-assigned numbers on the driver's license. It is optional. I notice it's on mine. I'm not going to try to get it off, but it does say "optional" now. It didn't used to be that way. In fact, it was the identifier. And Mr. Collins mentioned that's true with Georgia as well. You can move to Ohio instead of Georgia, for those who are, heard his earlier comments.
But my question to you is, I think this is a very important step in the direction to help ensure individuals' privacy not to require these numbers on drivers' licenses. I'd like to put into the record, Mr. Chairman, if I could a letter that I got from the registrar of the Bureau of Motor Vehicles of Ohio with further comment on the situation in Ohio.
REP. SHAW: Without objection.
REP. PORTMAN: I think it would be helpful with regard to this discussion-- perhaps help other states to move toward this direction as well. And my question to GAO would be, do you have any feedback on how this is working? Again, you mentioned it in your testimony, either in Ohio or in other states?
MS. BOVBJERG: It's really an emerging area because states, it is permissible for states to put Social Security numbers on the drivers' license. They may allow people an option not to have it on. In the meantime, there's recently a court decision that upheld the law saying that states may not sell that information without the express permission of the individual. So there has been a lot of turmoil in the states on drivers' license information, and we haven't been able to determine to what extent things are working or not working at the state level until things settle down.
REP. SHAW: Would the gentleman yield on that?
REP. PORTMAN: Yes. Absolutely.
REP. SHAW: It's my understanding, and I could be wrong, but in the state of Virginia that they use the Social Security number as a driver's license number. Is that correct or incorrect, or do you know?
I'm sure there's someone in this room with a-- I see a head bobbing yes.
MS. BOVBJERG: I'm not a Virginia driver, so I can't say from personal experience. But they can. It is permissible for a state to do that. I think more states are following the Ohio and Georgia lead though of retaining the Social Security number in their records because they need it to determine if somebody has been a scofflaw in another jurisdiction. And they need it to demonstrate that that person has not been a scofflaw in their jurisdiction when someone else asks from another state, but that they can no longer sell that information without individual permission.
REP. SHAW: I've just been handed a Virginia driver's license, and the gentleman's Social Security number appears prominently on it, and it's identified as Customer Number. And I don't believe-- nope. There's no other number on the license. So I think it's very clear that the state of Virginia is using Social Security numbers as the driver's license number, which is something we ought to look into. Thank you.
REP. TANNER: Mr. Chairman, one further question if I might.
REP. SHAW: Yes. I yield back.
REP. TANNER: I guess one of the issues that we might want to look at is penalties at the federal level. What are the penalties now for Social Security number fraud or for misuse under the Identified Theft Act?
REP. SHAW: I don't know the answer to that question. Perhaps the Social Security IG will know better, but I know that the penalties have stepped up, and I believe that the-- I'm looking to see in my notes which law it is, but it's the identity theft and assumption deterrent fact that made identity theft a federal crime. This was in 1998. And that the penalties became substantial criminal penalties. I don't know exactly what those are, but I know that the penalties have expanded in response to that law.
REP. TANNER: Okay. It would be helpful, I think, for the subcommittee to have that research and perhaps the IG can provide it today. If not, if GAO could just provide that.
MS. BOVBJERG: I will contact your office about getting that.
REP. TANNER: That would be helpful. Thank you very much. One final question, Mr. Chairman, which is a general one. Let's say someone refuses to disclose their Social Security number to a private business-- and, again, I reference the chairman had to go watch TV rather than watch a video it sounds like. Can that business by law decline to provide the service?
MS. BOVBJERG: We are not aware of any law that requires the business to serve you if you don't provide information.
It's not so common in a place like Radio Shack. I had a similar experience to the chairman's where they asked me for my phone number and my Social Security number to buy a CD player, and I said no. And they said, oh, okay. And I still got the CD player.
But for credit agencies, credit bureaus, much more frequently, you know, or lenders won't extend credit, will constantly deny credit.
REP. TANNER: Can a bank deny a loan if you refuse to provide your Social Security number? I assume a bank can at this point deny a loan if you do not provide your Social Security?
MS. BOVBJERG: Yes, they can.
REP. TANNER: Thank you, Mr. Chairman.
REP. SHAW: Yes, sir. Mr. Collins, your state was mentioned in the gentleman from Ohio's questioning if you'd like to respond.
REP. COLLINS: Mr. Chairman, we have a lot of residents of Georgia who were former residents of Ohio, and we are pleased to have them. And we expect more. In your review of the misuse of Social Security numbers as it pertains to the commercial or the marketplace, you've done very thorough work indeed. In any sort of way did you find the same misuse of Social Security numbers or identity in earned income tax credit areas?
MS. BOVBJERG: In our work we do not look at misuse of Social Security numbers. We focused entirely on what legally was permissible, what was legally restricted, how different entities were using the numbers, but we did not investigate misuse.
REP. COLLINS: Well, the same could be true then though for those who would misuse a Social Security number in application for the refundable income tax credit.
MS. BOVBJERG: That's right.
REP. COLLINS: Thank you, Mr. Chairman.
REP. SHAW: Thank you, and thank you for your testimony. We appreciate it. It helps round off our knowledge, and I think with regard to the comment as to there's no restriction on asking but they don't have to continue to do it, this goes, to give you the service, this goes back to the check-cashing in the military bases which we are still I guess researching. Thank you so much. We appreciate it. It's always nice to have you back before this committee.
MS. BOVBJERG: Thank you, sir.
REP. SHAW: And our final witness this morning from the Social Security Administration, the Honorable James Huse, inspector general, the Office of the Inspector General. Mr. Huse, welcome back to the committee. You may proceed as you wish. We have your full statement which is made part of the record.
MR. HUSE: Good morning, Mr. Chairman, and subcommittee members. Thank you for the opportunity to testify on this critical issue which impacts greatly on the lives of American citizens. In my full statement for the record I outlined for you the ways in which the SSN has been transformed from a simple agency record-keeping tool into a cornerstone of modern commerce. Although the SSN was never intended to be a national identifier, it has rapidly evolved into the de facto identifier, especially with the introduction of electronic commerce.
Our office is acutely aware that SSN misuse is on the rise because of the large number of SSN misuse allegations we receive and by the increasing number of requests for constituent assistance. In Fiscal Year '99 our fraud hot line processed over 75,000 allegations; 80 percent of these involved the misuse of an SSN with about 32,000 of these having an impact on Social Security's trust fund. Our work has revealed that certain misuse occurs because of vulnerabilities in SSA's processes such as cases where individuals apply for benefits under erroneous or counterfeit SSNs or where individuals sell legitimate SSNs for hundreds of dollars.
We have also seen examples where Social Security's vulnerabilities in its enumeration business process adds to the pool of SSNs available for criminal fictitious identities. Once an improperly issued Social Security number enters the stream of commerce there is scant hope for preventing subsequent damage. In our audit work we have made several recommendations to Social Security to improve its business processes which I have outlined in my full statement for the record.
Through our audit work we have also determined that there is a direct correlation between Social Security number misuse and Social Security's responsibility to maintain accurate earnings records for individuals. When Social Security cannot reconcile Social Security numbers and identifying information provided by employers Social Security sends notices to wage earners requesting pertinent information to resolve these discrepancies.
Most of the responses are returned "undeliverable, address unknown."
Ideally, we would like to pursue the thousands of potential Social Security number misuse and identity theft referrals that we receive each month. However, we are presently lacking the investigative capacity to handle the entire volume. As a result, we are forced to focus on major cases that directly impact on Social Security's operations.
One of our toughest challenges is to find realistic strategies to fight this battle in an effective and efficient manner while remaining focused on Social Security's programs. Our current approach to Social Security number misuse only provides protection for what is Social Security's current area of responsibility. It will be little consolation to the thousands of identity theft victims and private industry whose cases are the responsibility of an array of federal, state and local law enforcement agencies.
We have several suggestions for Social Security and Congress to consider in addition to our formal audit recommendations including, first, regulating the sale of Social Security numbers. Two, prohibiting businesses from refusing services for non-disclosure of a Social Security number when not relevant to the services being provided. Three, requiring photo identification while conducting business with Social Security Administration. Four, urging the implementation of new technologies and databases to help employers, government and private industry verify that names and/or Social Security numbers are correct to improve the identification process. Five, legislating statutory law enforcement authority for our OIG investigators. And, six, broadening our civil monetary penalty authority for the sale or misuse of a Social Security number.
When Social Security, when an SSN misuse compromises Social Security's business processes and the Social Security trust funds, our involvement is necessary and vigorous. To focus on our mission we make tough choices to ensure that we bring the most benefit to Social Security Administration. Yet we often become the court of last resort for victims of identity theft. Therefore, I would appreciate your views on how to fulfil that role that the public seems to expect from SSA and our OIG. Thank you for the opportunity to speak this morning, and I'd be glad to answer your questions.
REP. SHAW: Thank you, Mr. Huse. I have one question, and then I'll yield to Mr. Johnson. And in your six-point solution, you refer to regulating the sale of Social Security numbers. Can you think of any good reason that we should even allow the sale of Social Security numbers?
MR. HUSE: Well, Mr. Chairman, as the previous witness spoke there is a great deal of commerce in --
REP. SHAW: I'm talking about the sale of it. I'm not talking about passing it on. I mean actually getting paid for a list of people with Social Security numbers. To me, there's nothing but mischief involved in such action.
MR. HUSE: Well, it's kind of hard to divide between those two uses, but I agree with you. The flat sale of our identities, to me, is deeply troubling, but it does go on. Much of the information we leave on the record as we transact our own personal commerce migrates to these databases that are maintained by businesses, and it's a big business.
REP. SHAW: Yes, sir. But my question is a very pointed one, and if you'd just answer yes and no and elaborate as you see fit. Can you think of any legitimate reason why somebody would be engaged in the purchase and sale of Social Security numbers?
MR. HUSE: No. There isn't a reason.
REP. SHAW: Thank you. That's a good answer, and I agree with you. Mr. Johnson?
REP. JOHNSON: Thank you. I agree with that too. I think it's atrocious. I wonder if you could tell us-- the federal laws that mandate Social Security numbers in food stamp, Medicaid, those kind of programs. What would happen if we said, you can't use them anymore?
MR. HUSE: It would be very difficult for us to sort out the identity of our recipient and beneficiary population. By default over time beginning with when our serial numbers were changed in the military in the '60s and I was one of those that had his serial number changed over in Vietnam, the Social Security number has migrated to a variety of uses in government. But it's not only at the federal level. It's at the state level and at local government level too.
It's really what sorts us out one from each other.
REP. JOHNSON: Well, but it was pointed out by the gentleman from Georgia to the gentleman from Ohio that in Texas as well we use the driver's license number for ID. What's wrong with using that as opposed to the Social Security number?
MR. HUSE: Nothing whatsoever. I think those are choices that businesses and government can make, but it represents, of course, some business cost. There's a convenience issue here that's also attached to this. And perhaps in the future with new technology there will be even better ways to sort us out one from each other and to identify us as a unique person. But we're kind of locked into this by habituation, I think.
REP. JOHNSON: When you're talking about fraud and abuse and you heard, or I don't know if you were here when the first two witnesses discussed it, but with the advent of our internet and vast communication, do you anticipate more abuse of the Social Security number in the way it's used? Have you seen any of that?
MR. HUSE: Yes. Yes, we, we have. It's growing. I hesitate to use the word "exponentially," but it's increasing by significant numbers each year. Now some of that may be caused by the fact that we are a new agency, only five years old, and our capacity to take these reports gets better each year, but the fact of the matter is the numbers have increased. They've gone up in the tens of thousands each year each of the five years we've been in existence.
REP. JOHNSON: Yeah, but you don't really ask us for any, or submit any solutions for our consideration in that arena.
MR. HUSE: In terms of asking for resources?
REP. JOHNSON: Yeah. Well, no-- trying to fix the problem. How do we slow it down? You know, without saying you can't use Social Security number for any identification.
MR. HUSE: I think the solutions that I can recommend-- I mean, are, there are some huge choices here. No one really readily says that the Social Security number is the national identifier. I mean, we all are very careful that we don't say that. But in effect it is. It's become that. Now, until something replaces that, that facilitates all of the rights and freedoms and ability to trade that we have, I don't know that you can suggest anything else responsibly. I mean, I don't know that I can.
But I agree with you. There needs to be some focus on regulating the use of the Social Security number. There also needs to be some aggressive deterrents. We need to make examples of the people. We have good laws-- the Identity Theft and Assumption Deterrence Act of 1998 is a good law. Before that we have other good laws that Congress has passed in the area of identity fraud.
But it's seeing that those laws are enforced that are critical. All of this falls in on law enforcement agencies which are already manifestly committed to many things. But we need to make this a priority. I think there's an answer in that. I really believe that's the most effective answer. If you make it costly for people to do this--
REP. JOHNSON: The federal attorneys would probably tell you this is low on the totem pole and they're not going to spend time with it. Isn't that true?
MR. HUSE: It's true because it's hard to get to the bottom of what things of value are lost here. I mean, we heard Colonel Stevens and his wife tell us that their reputation has been lost. Well, how do we put a dollar value on someone's reputation? We receive hundreds of constituent letters from all of the members of Congress with individual stories very much like the Stevens. And you know, we've become a court of last resort because they've tried local, state, federal law enforcement, and they've been turned aside because their cases didn't reach thresholds for prosecution. And yet horrific things happen to these folks.
I think that's an area we need to fix too, but I again we need some teeth in that. That's why we've asked for these civil money penalties. Maybe there isn't a case there for a criminal prosecution, but we certainly can sanction the people that are causing some of the trouble for these folks.
REP. JOHNSON: Right. Thank you for your comments. I appreciate them. Thank you, Mr. Chairman.
REP. SHAW: Mr. Huse, is there any case law or statutory law to the effect that the numbers issued are the property of the federal government?
MR. HUSE: Let me consult with my--
REP. SHAW: You can supply that to the record.
MR. HUSE: We may have to check that for the record.
REP. SHAW: I think that's important.
MR. HUSE: I don't know of my own accord.
REP. SHAW: Those are the line of questioning we have. I think that's important to this hearing.
MR. HUSE: (discussion off-the record) Is that a yes or a no? It's regulated in statute, but it doesn't say that it's the property of the United States government.
REP. SHAW: Well, when somebody dies is their number recycled?
MR. HUSE: No.
REP. SHAW: Why aren't you out of numbers?
MR. HUSE: Again, I'd have to ask my actuarial expert. I think that we, there's an infinite possibility still in the issuance of numbers.
REP. SHAW: Pardon me?
MR. HUSE: We still have several hundred million to issue yet, so we're not at the point where they need to recycle.
REP. SHAW: Then you'll go to use the alphabet or something of that nature? Mr. Tanner?
REP. TANNER: Thank you, Mr. Chairman.
Thank you for being here, Mr. Huse. How does your office-- did you hear my comment to the lady that testified before you? How does your office interact with the FTC when the FTC gets a complaint or a notice that there's a possible identity theft in progress?
REP. SHAW: We have a great relationship with the FTC. When the Identity Theft and Assumption Deterrence Act was passed making the FTC the clearinghouse for victims reports, we established a very close relationship with FTC. And they refer to us those cases that they receive that fall under our general jurisdiction. And there are other federal law enforcement agencies in this also-- the Postal Inspection Service, the Secret Service, the FBI. But I would say our relationship with the FTC is probably the closest because we both get into a lot of victim reporting.
Sometimes the victim reporting comes to us in our fraud hot line, and then we refer that to the FTC. These are relatively new processes, so I hope over time they become more vigorous and abiding.
REP. TANNER: What happens then to stop it? Where do you go? What happens? Do you go to the FBI? Do you go to the state police? How do you try to stop it?
MR. HUSE: Well, we have our own investigative arm of the Office of the Inspector General. Albeit small it's still, they're federal agents just like all of the others. And we actively investigate and bring cases to bear just like other federal law enforcement.
REP. TANNER: So you're an investigative law enforcement agency yourself to go and try to find the perpetrator or an identity theft in progress.
MR. HUSE: We focus our efforts on those portions though that deal with where Social Security's programs are being defrauded or other government benefit programs, or an are where the activity like sale of SSNs or whatever has an impact on Social Security's business processes, perhaps trying to corrupt the integrity of one of our employees to get these numbers or something. That keeps us pretty busy.
REP. TANNER: But you actually in your unit investigate and refer for prosecution individual instances of this?
MR. HUSE: We do. And also just to add one more side, we do participate in task forces. We've established a number of these as pilot projects around the country with our federal partners and state partners and local partners to try and aggregate the impact that we can have in this area. But this is a new attempt to.
REP. TANNER: All right. Now I understand that your administration hopes to process 97 percent of all Social Security number applications within five days. How, tell me, do you have the manpower to do that and with some level of degree of certainty as it relates to the fact that the person that you are actually giving a Social Security number to exists, number one, and, number two, it's not somebody else? I mean, 97 percent in five days is a laudable goal, but it seems to me that if we're going to really research the accuracy of this event in our lives, that's a pretty tall order. You have the resources to do that, do you feel?
MR. HUSE: Well, in our recent audit work on this issue of the customer service goal that Social Security has to issue numbers within by case. We have suggested and recommended in our audit work to the SSA that this process is probably too much of a, too fast, that with today's technology and the ability to counterfeit almost anything so that it looks real, we need to slow this process down to verify the actual breeder documents that go behind the Social Security-- birth certificates or other documentation.
REP. TANNER: That was the purpose of my question. Most people now getting Social Security numbers, I would guess, are infants. And it seems to me waiting 10, 15 even a month to give an infant a Social Security number because you're doing a check in some manner that is going to give you a reasonable degree of certainty that this person exists and is the one you want, it seems to me that that's not an unreasonable imposition on an infant that's two months old.
Now, if I'm wrong in that I stand corrected. Mr. Chairman, if I may ask one more question here with unanimous consent, you heard what Colonel Stevens and his wife testified, I assume?
MR. HUSE: I did.
REP. TANNER: Do you have any suggestions for us to tell to them? I was horrified really. This man and his wife's life has literally be ruined through no fault of their own in terms of their plans for their children, grandchildren, and so forth. You heard it. This to me is an outrageous abuse of a system, and the system I think ought to respond in some manner more than just saying, well, you know, we're really sorry about this; we're going to look into it.
Now, I suggested to him that the people who continue to circulate knowingly false credit reports may be liable if they know and continue to recycle these -- the candle being re-lit all the time I believe is the way he put it.
Do you have any suggestion for people in his and his wife's circumstance? I'd sure like to help them.
MR. HUSE: It's my understanding that as the Federal Trade Commission's ability to take in these victims' reports they then would have the power or at least the civil authority to sanction these entities that improperly recycle bogus credit histories. Although I think that same power probably should be applied to some of our investigative agencies perhaps in civil monetary penalty area, at least where victims have no other recourse, there needs to be a way to make people pay for re-circulating what basically is data garbage.
REP. TANNER: Right. Does the FTC have that authority in your opinion now?
MR. HUSE: I don't know that for a fact. I'm going to look back. They regulate but they don't have any enforcement authority. Civil enforcement authority. That's why I'm suggesting--
REP. TANNER: Well, if they were going to be civilly fined for re-circulating this, who would do that?
MR. HUSE: Well, I'm suggesting that perhaps in the civil monetary penalty area that we could do that. We have that --
REP. TANNER: You have that authority now?
MR. HUSE: We have some civil monetary penalty authority in some areas. But we're asking for that to be expanded to add that dimension to our array of tools that we could use to help victims.
REP. TANNER: Have you submitted a suggestion along that line formally to the chairman and the committee?
MR. HUSE: I have forwarded to the chairman, yes.
REP. TANNER: Thank you. Mr. Chairman, I apologize for taking so much time, but this is important. Thank you.
REP. SHAW: Don't apologize. This is important. Mr. Portman.
REP. PORTMAN: Thank you, Mr. Chairman. And I might follow up on some of the recommendations that you've made in your testimony today and see if we can perhaps get at kind of the next level as to how we would approach this. The story we heard at the start today from Colonel and Mary Stevens has to focus everybody's attention, and they're not the only ones of course. There are people out there all over the place unfortunately who are having their Social Security numbers stolen and then end up in a living hell really which is what they're going through right now.
And one of the things that you just responded to in Mr. Tanner's questioning was something you testified to which is broadening civil monetary penalty authority for the misuse of the Social Security number or the sale of the Social Security number. You just said that you'd thought the Social Security Administration might be the place to expand on existing authority.
Can you elaborate on that a little bit and perhaps provide some more information to the committee regarding that possibility?
MR. HUSE: I'd be glad to do that. I think perhaps it would be better if I refined that a little bit in writing, and I'd be glad to do that.
REP. PORTMAN: Why don't do that? It would be for the subcommittee here, but I know I'd be interested in personally but I'm sure the subcommittee would like to hear about what specifically you would recommend in that regard. Clearly there's not adequate recourse right now for people like the Stevens. Another recommendation you have that I see is to legislate statutory law enforcement authority for your investigators. How would this help to combat Social Security fraud? Is this a security fraud issue or some other issue?
MR. HUSE: It's Social Security fraud that's the driver for us, but Social Security fraud as it rushes into what becomes an identity fraud.
F: Okay. What is the Social Security number issue?
MR. HUSE: We have a responsibility as part of this array of federal, state and local law enforcement because we are at the front end of most of this process to be a cooperative piece of whatever they do. And our ability to task force, to cross-deputize local and state law enforcement to participate with us in different investigative endeavors to tackle some of these things-- and some of them are very complex conspiracies. We can't do that under the existing authorities that we have now. We're deputized United States marshals. That's the way IG investigators are pulled into the federal law enforcement family under current rules. But if we had our freestanding statutory authority as some inspector generals do in the Department of Agriculture and Department of Defense, we would then have the ability to deputize others, other sworn law enforcement to help us in these projects. That's the key reason we need.
REP. PORTMAN: That's the authority that you're looking for.
MR. HUSE: Yes.
REP. PORTMAN: Primarily. Let me go quickly to other recommendations you've made to reduce fraud. One is that people show a photo ID when they're conducting business with the Social Security Administration. This seems like a useful suggestion. But I wonder, what portion of the population doesn't have a photo ID?
MR. HUSE: I'm not aware of many that don't, but I do know that it's not a common business practice in Social Security's field operations today.
REP. PORTMAN: They do not require a photo ID?
MR. HUSE: They don't. We had evidence here a week or so ago even in this before this committee where a woman obtained the ability to become a representative payee without ever showing any identification. She did it over the telephone. These type of practices in today's world, you can't take people on faith anymore. It's unfortunate, but you really need to have more vetting, I think, of your identity in a lot of transactions today.
REP. PORTMAN: This could cut down on fraud in a lot of areas in Social Security, not just in terms of the number-- federal card.
MR. HUSE: Agreed.
REP. PORTMAN: So it's a broader issue. Again, I think it's a useful suggestion. I also though know that Social Security is rightfully so doing much more on-line now, and you are looking to expand that, provide services on-line like applications for retirement benefits. And obviously at least with existing technology requiring a photo ID in the context of an on-line service is going to be difficult. How do you reconcile this trend toward more on-line services with a photo ID requirement?
MR. HUSE: Well, I agree-- you know, until we get to the actual visual biometrics that may come in the future-- and I think they will. I mean I think our commerce will drive that. For electronic service we're going to need some aspects of public key infrastructure technology to enable us to do business over the internet or to transact business electronically.
REP. PORTMAN: Both for privacy reasons and fraud reasons?
MR. HUSE: For both reasons. And I think this is of necessity will limit then the potential of electronic commerce because not everybody is really going to be able to have their piece of the public key trade-off in order to be able to identify themselves. I mean, first of all, you'd have to have some ways to do that. We're going to end up with both tiers of service for a long, long time-- person to person and electronic. But the electronic will have to be public key infrastructure.
REP. PORTMAN: Well, I appreciate what you're doing with regard to fraud and also with regard to insuring people's privacy which I think, you know in our digital economy is an increasingly troublesome issue to a lot of us and something that in the area of Social Security we can make an impact on. Thank you.
MR. HUSE: Thank you.
REP. SHAW: Mr. Cardin.
REP. BENJAMIN L. CARDIN (D-MD): Thank you, Mr. Chairman. I very much appreciate your testimony. I also want to concentrate on some of your recommendations. You have recommended that we regulate the sale of SSNs and I hope you're aware of HR-1450 by Representative Kleczka. I see that you are. He's introduced legislation that would prohibit the sale or purchase of any information that includes one's Social Security number unless there's a written consent from the individual.
You've also recommended prohibiting businesses from refusing services for nondisclosure of SSN numbers when not relevant to the services being provided. That provision is included in Congressman Kleczka's bill along with prohibiting merchants from requiring a Social Security number on a check that is used for the purchase of an entity or utility company from asking for SSS numbers on service applications.
And then of course you also have suggested broadening the civil monetary penalty authority for the sale or misuse of SSN numbers. So I guess my question to you, have you had a chance to review Congressman Kleczka's legislation, and do you have any view as to whether what's included in that legislation would help carry out the recommendations you're making to this committee?
MR. HUSE: The very short answer is, we have seen Congressman Kleczka's bill, and I believe it's an effective, a good start. I think it, it pretty much addresses the issues that I suggest in my recommendations.
REP. CARDIN: I understand we're going to be having a subsequent hearing and Congressman Kleczka will have a chance to present his bill to our committee. But I think your information or your views on legislation that's pending is very helpful to us, and we certainly very much appreciate the information that you've made available to us as we try to give the right tools to protect our constituents. Thank you very much.
MR. HUSE: Thank you, sir.
REP. SHAW: Mr. Huse, very quickly, in your testimony you mention that 80 percent of 75 percent of the cases that you do which if my math's correct it's 60,000 in 1999 involved the misuse of Social Security numbers. Is that a growing problem? And what would be your guess as to the percentages of misuse ever get to your attention?
MR. HUSE: I didn't hear the very last-- REP. SHAW: My question is two-fold. One, is this an increasing problem? In other words, is '99 more than '98? And the second part of that question, what percentage of the cases would you estimate if you can only estimate, are brought to your attention?
MR. HUSE: That is a very good question and one that we have one of the largest hot lines in government. And yet we don't really get the whole universe of calls that come to us every day. Each year that we've had this capacity increase on the hot line we've gotten more and more allegations.
And the constant in terms of from the allegations we get, the pieces that involve SSN misuse--
REP. SHAW: I don't know-- how would somebody know to get to you? Did Colonel Stevens, has he come to you? Or do you know? And how would anybody really think to get in touch with your office on this?
MR. HUSE: We have, we've made the number public. I know a lot of newspapers have published it.
REP. SHAW: Are these referred-- if I were to call the Social Security Administration and say, hey, someone's using my number, would they refer me to you?
MR. HUSE: They would gate you over to the hot line.
REP. SHAW: So that's the way you get most of your--
MR. HUSE: We get a lot of it that way, and others, people just call the 800 number directly. But to answer your question, it is growing. But what I can answer for you is what the universe is because we --
REP. SHAW: Well, perhaps for the record you could let us know what the first four or five months of this year, how that curve was going.
MR. HUSE: I'd be glad to do that.
REP. SHAW: If you could supply that for the record, I think that's important that we measure that. This has been a very good hearing. The number that we have called the Pentagon to try to find out the answers to the question that I asked to Colonel Stevens. You don't know the answer to that, do you?
MR. HUSE: Well, we don't know if it's a military regulation, but there is no federal law that requires the use of the Social Security number on the transaction.
REP. SHAW: I think some people are making some misstatements in that regard, and I think we need to let the Congress weigh in on that.
MR. HUSE: I also wanted to say that another piece of the Stevens testimony where they were told that there were no federal laws that applied to the situation in 1997-- in effect there were. We've always had good statutes, and what Senator Kyl's bill did was even make it better. But the criminal teeth are there. It's really in the implementation and the coordination of that implementation that we're getting lost because--
REP. SHAW: I would say that your staff would certainly be swamped by the numbers that you have now so that you cannot, you do not have the personnel to adequately investigate all these cases. That's my guess, and I think I'm right on that.
MR. HUSE: You are. We have 300 special agents basically across the United States. That's far too small.
REP. SHAW: And they do more than just this?
MR. HUSE: Their principal mission is the program fraud that Social Security faces.
REP. SHAW: Yeah. So the 60,000 complaints really are not-- you just don't have the personnel to adequately investigate them all?
MR. HUSE: We do not.
REP. SHAW: All right. Well, we will have the response from the Pentagon to my question at the hearing on Thursday which will be a continuation of this hearing. I think this has been very, very helpful, and I appreciate you, Mr. Huse, and all the witnesses that we've had throughout the morning. Thank you. The hearing is adjourned.
END
LOAD-DATE:
May 11, 2000
Document 113 of 261.
Search Terms: personal w/5 information w/5 privacy, House or Senate or Joint
To narrow your search, please enter a word or phrase:
Copyright © 2002, LEXIS-NEXIS®, a division of Reed Elsevier Inc. All Rights Reserved.